Our first episode for 2023 features Dmitri Alperovitch, Paul Rosenzweig, and Jim Dempsey trying to cover a months’ worth of cyberlaw news. Dmitri and I open with an effort to summarize the state of play in the tech struggle between the U.S. and China. I say recent developments show the U.S. doing better than expected. U.S. companies like Facebook and Dell are engaged in voluntary decoupling as they imagine what their supply chains will look like if the conflict gets worse. China, after pouring billions into a so-far-fruitless effort to take the lead in high-end chip production, may be pulling back on the throttle. Dmitri is less sanguine, noting that Chinese companies like Huawei have shown that there is life after sanctions, and there may be room for a fast-follower model in which China dominates production of slightly less sophisticated chips, where much of the market volume is concentrated. Meanwhile, any Chinese retreat is likely tactical; where it has a dominant market position, as in rare earths, it remains eager to hobble U.S. companies.
Jim lays out the recent medical device security requirements adopted in the omnibus appropriations bill. It is a watershed for cybersecurity regulation of the private sector. It’s also overdue for digitized devices that in some cases can only be updated with another open-heart surgery. How much of a watershed it is may become clear when the White House cyber strategy, which has been widely leaked, is finally released. Paul explains it’s likely to show enthusiasm not just for more cybersecurity regulation but for liability as a check on bad cybersecurity. Dmitri points out that Biden administration enthusiasm for regulation may not lead to legislation now that Republicans control the House.
We all weigh in on LastPass’s problems with hackers –and with candid, timely disclosures. For reasons fair and unfair, two-thirds of the LastPass users on the show have abandoned the service over the Christmas break. I blame LastPass’s acquisition by private equity; Dmitri tells me that’s painting with too broad a brush.
I offer an overview of the Twitter Files stories by Bari Weiss, Matt Taibbi, and others. When I say that the most disturbing revelations concern the massive government campaigns to enforce orthodoxy on COVID-19, all hell breaks loose. Paul in particular thinks I’m egregiously wrong to worry about any of this. No chairs are thrown, mainly because I’m in Virginia and Paul’s in Costa Rica. But it’s a heartfelt, entertaining, and maybe even illuminating debate.
In shorter and less contentious segments:
- Dmitri unpacks the latest effort by Russian hackers to subvert the security of a Ukrainian web-based military information site. He thinks the Ukrainian ability to use the site despite Russian attacks may have lessons for NATO.
- Dmitri also sheds light (and not a little shade) on Chinese claims to have broken RSA with a quantum computer.
- Jim updates us on TikTok’s travails and the ongoing debate over restricting its use in the U.S.
- I point out that another black man has been arrested, apparently wrongly, because of a facial recognition error – bringing the grand total of such mistaken face-recognition arrests in the entire country over the past decade to, well, four. All of which could have been avoided by a modest change in police department policy.
- On the other hand, I find a new and shocking abuse of facial recognition to oppress the most loathed minority in America: Lawyers. Madison Square Garden, in what must be the dumbest corporate policy of the year, uses facial recognition to identify lawyers working for law firms that have ongoing lawsuits against the company. The apparent purpose, or at least the result, is to prevent lawyers from those firms from bringing Girl Scout troops to see the Rockettes. No problem, though; I am sure everyone would rather watch the ensuing litigation.
- I remind listeners that Trump’s return to Facebook and Instagram could happen very soon.
- The EU has advanced Its transatlantic data deal with the US, though more thrashing about should be expected.
- And I take a victory lap as Google acknowledges I was right about the reason ChatGPT beat Google’s AI bot to market: Even though ChatGPT gives a good Turing Test imitation of a sociopath with too many lawyers, Google is so afraid of reputational harm that it won’t release its own synthetic sociopath without saddling it with even more lawyers.
Download the 436th Episode (mp3)
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.